Removal of scopes for an existing client

Let’s say a client is created & registered with 3 scopes - read, create, delete
And user of the app authorized all 3 scopes for that client.
Later on, it was realized that client should not have had delete scope and as a result, we want to update client with revised scopes as read and create (removing delete scope)

What’s the best practice to handle/manage existing access tokens, which may have to be invalidated because it contains not just read and write but delete scope as well?
Or is that something can be achieved by deleting the client altogether and creating a new one with revised scopes? Any other alternatives?

Please advise.

You need to delete the existing consent sessions and redo the OAuth2 flow

Thank you for recommendation!